Vulnerability in Apereo Opencast

CVE-2017-1000221

In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for…

EPSS: 0.008 (50.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_CONFIRM, Exploit, Issue Tracking, Vendor Advisory)

Frequently asked questions

What is CVE-2017-1000221?
CVE-2017-1000221 is a medium-severity vulnerability in Apereo Opencast, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 6.5/10. Published 2017-11-17.
How severe is CVE-2017-1000221?
Medium severity. CVSS v3 base score is 6.5 out of 10.